New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does mamba support the Windows certificate store? #530
Comments
IIUC to use the Windows certificate store you need to have |
Update:...it seems OpenSSL may support the Windows Credential Store via an option |
Note: |
For micromamba we're using SChannel and SecureTransport now and I tested it (using badssl.com, very useful) to make sure it works. I think cURL on Windows has been compiled against SChannel for a while now (on conda-forge). Although I am not sure if openssl is also available in that build. You could try to set a specific backend using the environmnet variable:
For micromamba, we're "forcing" curl to use SChannel and SecureTransport. However, we don't do that for mamba itself right now (since the situation is a bit different, certificates should generally be available in the prefix from the |
Thanks for the tip @wolfv! I'll double check with a recent |
Thanks. Through the micromamba work I at least know how we can fix that :) We can also dynamically set the SSL backend from condarc or some other configuration file, if necessary |
Ok, digging in further and it appears
...however it's failing due to being unable to connect to our revocation server 🤦 It might be nice to have some way to pass through I guess I was thrown by the fact that |
Thanks @dhirschfeld for looking into this, at least we got some payoff of the recent changes to print more cURL error strings :) Also, there is a Micromamba flag for this now and you can use the env var Best effort is something we haven't implemented yet. I wanted to refactor a bit how we pass options to curl, and I can try to keep that in mind... |
The error message is excellent! 🎉 Being able to set |
Just posting here to mention that
|
I'm not sure if this is a problem with
mamba
or just the config on my machine but I'm seeing SSL errors against a repo server using self-signed certificates:Setting
ssl_cerify: false
in my.condarc
"fixes" the problem - but that's less that ideal.Before going down the rabbit-hole I just wanted to confirm that
mamba
will use the Windows certificate store?The text was updated successfully, but these errors were encountered: